Dark Reading

Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials

Salesforce subsidiary Heroku on Thursday said that the threat actor that stole Heroku GitHub integration OAuth tokens in April also accessed an internal database containing hashed and salted passwords ...
Bleeping Computer

GitHub notifies owners of private repos stolen using OAuth tokens

GitHub says it notified all organizations believed to have had data stolen from their private repositories by attackers abusing compromised OAuth user tokens issued to Heroku and Travis-CI. "As of ...
Bleeping Computer

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, ...

MCP, Agent Tool Access And The New Execution-Layer Security Gap

The execution layer has already shifted from humans to machines. This transition is not a future trend; it is the current ...
CSOonline

OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene. Salesforce has disclosed ...